Title: Password Reset Enforcement
Author: Teydea Studio
Published: <strong>January 19, 2024</strong>
Last modified: April 16, 2026

---

Search plugins

![](https://ps.w.org/password-reset-enforcement/assets/banner-772x250.jpg?rev=3387483)

![](https://ps.w.org/password-reset-enforcement/assets/icon.svg?rev=3116506)

# Password Reset Enforcement

 By [Teydea Studio](https://profiles.wordpress.org/teydeastudio/)

[Download](https://downloads.wordpress.org/plugin/password-reset-enforcement.1.12.0.zip)

[Live Preview](https://sna.wordpress.org/plugins/password-reset-enforcement/?preview=1)

 * [Details](https://sna.wordpress.org/plugins/password-reset-enforcement/#description)
 * [Reviews](https://sna.wordpress.org/plugins/password-reset-enforcement/#reviews)
 *  [Installation](https://sna.wordpress.org/plugins/password-reset-enforcement/#installation)
 * [Development](https://sna.wordpress.org/plugins/password-reset-enforcement/#developers)

 [Support](https://wordpress.org/support/plugin/password-reset-enforcement/)

## Description

**Enhance your WordPress website’s security by forcing users to reset their passwords.**

Password Reset Enforcement is a simple yet powerful security plugin that allows 
site administrators to require users to update their passwords—ideal after a potential
data breach, routine security checks, or during onboarding/offboarding processes.

### Features

 * **Force password reset for all users**, specific user roles, or individual users.
 * **Optional email notification** to users with a direct reset link.
 * **Flexible login behavior**:
    - _Allow login before resetting_: users log in with the old password, are immediately
      prompted to set a new one.
    - _Block login until reset_: users must reset their password before accessing
      the dashboard.
 * **Choose reset timing**:
    - _Immediately_: forces logout and password reset on next login.
    - _After session expiry_: users are asked to reset after their current session
      ends.
 * **WP-CLI support** for command-line password management and automation.
 * **Multisite compatible** (network-wide reset only).
 * Optimized for performance on large-scale and enterprise WordPress installations.

### Use Cases

 * Responding to a **security breach** or suspected compromise.
 * Enforcing **routine password changes** in corporate environments.
 * Applying **onboarding/offboarding security policies** for teams or membership
   sites.

### Compatibility

 * Works on both single-site and multisite (network) WordPress setups.
 * Supports PHP 7.4+ and WordPress 6.6 through 7.0.
 * Compatible with modern WordPress admin experience.

### WP-CLI Commands

This plugin provides WP-CLI commands for automated password reset management:

**Force Password Reset**
 wp password-reset-enforcement force [–to_all] [–to_roles
=] [–to_users=] [–applicability=] [–with_email] [–with_current_password_allowed][–
limit=] [–paged=]

**Clear Password Reset Enforcement**
 wp password-reset-enforcement clear [–to_all][–
to_roles=] [–to_users=] [–limit=] [–paged=]

**List Users with Enforced Password Reset**
 wp password-reset-enforcement list [–
limit=] [–paged=]

**Check Password Reset Status**
 wp password-reset-enforcement status [–to_all] [–
to_roles=] [–to_users=] [–limit=] [–paged=]

#### Command Options

 * `--to_all`: Target all users on the site
 * `--to_roles=<roles>`: Comma-separated list of user roles (e.g., editor,administrator)
 * `--to_users=<user_ids>`: Comma-separated list of specific user IDs (e.g., 1,5,10)
 * `--applicability=<when>`: When reset takes effect (immediately, after_session_expiry)
 * `--with_email`: Send email notifications to affected users (default: true)
 * `--with_current_password_allowed`: Allow users to reuse current password (default:
   false)
 * `--limit=<number>`: Maximum users to process in single operation
 * `--paged=<page>`: Page number for pagination

#### Command Examples

    ```
    wp password-reset-enforcement force --to_all
    wp password-reset-enforcement force --to_roles=editor,administrator --applicability=after_session_expiry
    wp password-reset-enforcement clear --to_users=1,5,10
    wp password-reset-enforcement list --limit=50 --paged=2
    wp password-reset-enforcement status --to_all --limit=50 --paged=2<h3>Related Plugins</h3>
    ```

Want to go beyond forced password resets? Check our [WP Password Policy](https://wppasswordpolicy.com/?utm_source=Password+Reset+Enforcement)
plugin to enforce strong password rules, block weak passwords, and set automatic
expiry policies — so you’ll never need to force a password reset again. [https://
wordpress.org/plugins/password-requirements/](Free version available on WordPress.
org).

## Screenshots

 * [[
 * Force password reset for all users.
 * [[
 * Target users by role, username, or display name.
 * [[
 * Process the action.

## Installation

 1. Upload the plugin to the `/wp-content/plugins/` directory or install via the WordPress
    admin panel.
 2. Activate the plugin.
 3. Go to **Settings  Password Reset Enforcement** to initiate resets.

## FAQ

### Will this log users out immediately?

Only if you choose the “Immediately” option. Otherwise, users will be asked to reset
after their current session expires.

### Is it compatible with other login plugins or 2FA solutions?

Yes, Password Reset Enforcement is designed for compatibility and works well alongside
popular authentication and security plugins.

### Can I use this on a WooCommerce site?

Absolutely. Works seamlessly with WooCommerce and other membership or eCommerce 
platforms.

### Does this plugin support WP-CLI?

Yes! The plugin includes comprehensive WP-CLI commands for forcing password resets,
clearing enforcement, and checking status. Perfect for automation, server management,
and bulk operations.

## Reviews

![](https://secure.gravatar.com/avatar/a5a46678813e9a0392052373445c359ae4c3ca48e807a65db3e6aaaf0693708d?
s=60&d=retro&r=g)

### 󠀁[Very useful for forcing the reset of passwords for multiple administrators](https://wordpress.org/support/topic/very-useful-for-forcing-the-reset-of-passwords-for-multiple-administrators/)󠁿

 [delemo](https://profiles.wordpress.org/delemo/) June 24, 2025 1 reply

After suspecting a malicious attempt on my website, I needed to force several administrators
to reset their passwords. This plugin made my job much easier.

![](https://secure.gravatar.com/avatar/e35daa6331cd14521d5cdf9d2b7ec23988551302eb6236cafac3038248d6fdfc?
s=60&d=retro&r=g)

### 󠀁[Some quality of life needed](https://wordpress.org/support/topic/some-quality-of-life-needed/)󠁿

 [Miikka](https://profiles.wordpress.org/miikkamakela/) October 22, 2024 1 reply

Would like that the user list auto-completes or searches the users. Pressing enter
on the settings page turned to page gray without any indication what may have happened.
Allow a save button to save settings before executing action.

 [ Read all 2 reviews ](https://wordpress.org/support/plugin/password-reset-enforcement/reviews/)

## Contributors & Developers

“Password Reset Enforcement” is open source software. The following people have 
contributed to this plugin.

Contributors

 *   [ Teydea Studio ](https://profiles.wordpress.org/teydeastudio/)
 *   [ Bartosz Gadomski ](https://profiles.wordpress.org/bartoszgadomski/)

“Password Reset Enforcement” has been translated into 1 locale. Thank you to [the translators](https://translate.wordpress.org/projects/wp-plugins/password-reset-enforcement/contributors)
for their contributions.

[Translate “Password Reset Enforcement” into your language.](https://translate.wordpress.org/projects/wp-plugins/password-reset-enforcement)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/password-reset-enforcement/),
check out the [SVN repository](https://plugins.svn.wordpress.org/password-reset-enforcement/),
or subscribe to the [development log](https://plugins.trac.wordpress.org/log/password-reset-enforcement/)
by [RSS](https://plugins.trac.wordpress.org/log/password-reset-enforcement/?limit=100&mode=stop_on_copy&format=rss).

## Changelog

#### 1.12.0 (2026-04-16)

 * Compatibility with WordPress 7.0 confirmed
 * Direct access protection added to all PHP files
 * Unnecessary translation files removed since these are loaded from WordPress.org
 * Security hardening – added missing escaping
 * Do not hardcode `wp-login.php` path for login form
 * Formatting updates
 * Dependencies updated

#### 1.11.1 (2025-11-28)

 * Compatibility with WordPress 6.9 confirmed
 * Dependencies updated

#### 1.11.0 (2025-10-31)

 * Direct links to force password reset has been added to the Users page along with
   bulk action
 * Clear indicators that a password reset has been enforced for a given user has
   been added to the Users and User Profile screens
 * User selector component has been improved
 * WP-CLI commands have been added, allowing power users to force password reset,
   clear the enforcement, check the status, and list users for whom the password
   reset has been enforced
 * Dependencies updated
 * Code improvements

#### 1.10.2 (2025-05-08)

 * Plugin links and references to Teydea Studio updated
 * Dependencies updated

#### 1.10.1 (2025-04-04)

 * Compatibility with WordPress 6.8 confirmed
 * Issue of requesting the translated string too early fixed
 * Dependencies updated
 * Code improvements

#### 1.10.0 (2025-02-21)

 * Dependencies updated
 * Code improvements

#### 1.9.0 (2024-12-13)

 * Dependencies updated
 * Code improvements

#### 1.8.0 (2024-11-08)

 * Custom capabilities for managing the plugin settings implemented
 * Compatibility with WordPress 6.7 confirmed
 * Dependencies updated
 * Code improvements

#### 1.7.2 (2024-10-25)

 * JS dependency map and tree-shaking optimized

#### 1.7.1 (2024-10-23)

 * Add missing Cache utility class

(For older records, see the `changelog.txt` file).

## Meta

 *  Version **1.12.0**
 *  Last updated **4 days ago**
 *  Active installations **100+**
 *  WordPress version ** 6.6 or higher **
 *  Tested up to **7.0**
 *  PHP version ** 7.4 or higher **
 *  Languages
 * [English (US)](https://wordpress.org/plugins/password-reset-enforcement/) and
   [Polish](https://pl.wordpress.org/plugins/password-reset-enforcement/).
 *  [Translate into your language](https://translate.wordpress.org/projects/wp-plugins/password-reset-enforcement)
 * Tags
 * [force password change](https://sna.wordpress.org/plugins/tags/force-password-change/)
   [reset password](https://sna.wordpress.org/plugins/tags/reset-password/)[secure login](https://sna.wordpress.org/plugins/tags/secure-login/)
   [wordpress security](https://sna.wordpress.org/plugins/tags/wordpress-security/)
 *  [Advanced View](https://sna.wordpress.org/plugins/password-reset-enforcement/advanced/)

## Ratings

 4 out of 5 stars.

 *  [  1 5-star review     ](https://wordpress.org/support/plugin/password-reset-enforcement/reviews/?filter=5)
 *  [  0 4-star reviews     ](https://wordpress.org/support/plugin/password-reset-enforcement/reviews/?filter=4)
 *  [  1 3-star review     ](https://wordpress.org/support/plugin/password-reset-enforcement/reviews/?filter=3)
 *  [  0 2-star reviews     ](https://wordpress.org/support/plugin/password-reset-enforcement/reviews/?filter=2)
 *  [  0 1-star reviews     ](https://wordpress.org/support/plugin/password-reset-enforcement/reviews/?filter=1)

[Your review](https://wordpress.org/support/plugin/password-reset-enforcement/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/password-reset-enforcement/reviews/)

## Contributors

 *   [ Teydea Studio ](https://profiles.wordpress.org/teydeastudio/)
 *   [ Bartosz Gadomski ](https://profiles.wordpress.org/bartoszgadomski/)

## Support

Got something to say? Need help?

 [View support forum](https://wordpress.org/support/plugin/password-reset-enforcement/)